As title, where is the location OWASP ZAP stored it's session (On Windows).
I have selected persistent session, so I expect to be able to retrieve the session back.
However, when I click File -> Open Session, it bring me to a location where no session is shown. Therefore I would like to know, where the session is being stored by default?
It is stored here "%HOMEPATH%\OWASP ZAP\sessions" by default on Windows,
Note that it is sessions but not session (need the s)
Note: it is ok to ask and answer your own question, see this https://stackoverflow.blog/2011/07/01/its-ok-to-ask-and-answer-your-own-questions
Related
How can I "tell" MobaXterm to remember the server names I was previously connected to, the next time I use it?
I know we have the option of creating a new session (user session) and this way it will remain saved, however, I don't want to create sessions for all the servers I am connecting to. I would want MobaXterm to remember the next time I am ssh-ing on a previous used server.
Many thanks.
I've tried a bunch of commands but they all attach the session into the current session and they as you can imagine it bails when I try to reattach it later as it's already attached in the session nest.
I create sessions for each project I work on with windows to remote servers, logs and vim.
But everytime I want to switch I have to C-a d then screen -DR
I'd rather be able to just type a single command.
Thanks
AFAIK this is not possible with screen and I know of no way to easily work around this limitation. The issue here is that each screen session is independent and has no knowledge of other sessions.
If this is a feature you will use often, I would recommend switching to tmux which does this with <C-b>s. I've used both screen and tmux extensively and have not regretted favoring tmux this past year whenever a terminal multiplexer was called for.
On a side note running nested screen sessions is not too difficult, just send two escapes and commands go to the inner screen session, it helps if the escape is a single character, I like:
escape ``
I am writing a program in vb.net that requires a user to log in before he can use the application. The main user is created when the program is installed, similar to how windows works when it is installed.
The main user can add additional users to the program. I already know that I should store the passwords encrypted. My question is, where should I store the usernames and passwords? The registry, Isolated storage or .config file. I don't want any user to be able to modify/delete that file as the other user would obviously not be able to log in. Also, this file should be accessible for any user that logs into the computer.
The computer is not guaranteed to be connected to the internet, so it must be stored locally.
Thanks
To tell you the truth if someone has the will power to look for the file they will find it, so storage can help up security but I would focus on the contents of the file itself.
You could try to store the data of the application as a encrypted file which could stop the amateur attempts but as you are using the .net framework your program could could be decompiled and any symmetric encryption algorithms could be rendered useless.
I think your best bet would be to either generate a seed according to the computer the program is on, and if decryption fails call home or go into Lock Down.
Another option would be to store the encrypted (encrypted with your symmetric key) file and a hash file (in different locations probably). If the hash of the loaded file then does not match the hash file your program could then call home (If you have a home to call).
This is just a idea, haven't actually tried anything like this.
If you are not able to use windows users/credentials in any way on the machine, then there really is no absolute way to prevent the file from being removed/changed, Since anyone on the computer has the same access as the main user, who needs rights to modify the file in order for him to add users through the program.
The only way to do it for sure is to have the main user logon with a different user name, and set the file permissions on that file/folder to make sure that only the main user has modify permission to the file (and the other user account does not have the right to modify permissions). I know you said it wouldn't work in your environment(which is?) but you might be able to create users and run stuff under different credentials through your code without having the users log on any different.
The only crazy way I can think of is to create a service on the computer that once it starts running, it opens and holds a handle to that file with sharing set such that no other process can open the file for writing. You'd of course have to workout some way for the main user to be able to add users.
I'm writing a WLST script to deploy some WAR's and an EAR. However, intermittently, the script will time out because it can't seem to get an edit lock (this script is part of a chain of many other scripts). I was wondering, is there a way to override or stop any current locks on the server? This is only a temporary solution, but in the interest of time, it will do for now.
Thanks.
You could try setting a wait period and timeout:
startEdit([waitTimeInMillis], [timeoutInMillis], [exclusive]).
Are other scripts erroring out, leaving the session locked? You could try adding exception handling around those. Also, if you have 'Automatically acquire lock" enabled in the Admin Console and you use the admin console sometimes it can cause problems if you are running scripts at the same time, even though you are not making "lock-requiring" changes.
Also, are you using the same user for the chained scripts?
Within WLST, you can pass a number as a parameter to gain an exclusive lock. This allows the script to grab a different lock than the regular one that's used whenever an administrator locks from the console. It also prevents two instances of the same script from stepping on each other.
However, this creates complex change merge scenarios that are best avoided (by processes).
Oracle's documentation on configuration locks can be found here.
Alternatively, if you want the script to temporarily relieve any existing locks regardless of the pending changes, you may as well disable change management from the console, minimizing the inconvenience caused.
WLST also contains the cancelEdit command that you could run before you startEdit. Hope one of these options pan out!
To take the configuration change lock from another administrator:
If another administrator already has the configuration lock, the following message appears: Another user already owns the lock. You will need to either wait for the lock to be released, or take the lock.
Locate the Change Center in the upper left corner of the
Administration Console.
Click Take Lock & Edit.
Make your configuration changes.
In the Change Center, click Activate Changes. Not all changes take
effect immediately. Some require a restart (see Use the Change
Center).
As long as you're running WLST as an administrative user, you should be able to jump into an existing edit session with the edit() command - I've done a quick test with two admin users, one in the Admin Console, and one using WLST, and it appears to work fine - I can see the changes in the Admin Console session inside the WLST interpreter.
You could put a very simple exception handler around your calls to startEdit that will log the exception's stack trace, but do nothing else. And then rely on the edit call to pop you into the change session.
Relying on that is going to be tricky though if another script has started an edit session and is expecting to be able to commit that change session itself - you'll be getting exceptions and unreliable behaviour across multiple invocations.
I was wondering if there is a simple way for a service to create a process in user session?
My service is running as a user(administrator) account and not as a LocalSystem acount, therefore i can't use the WTSQueryUserToken function.
i have tried calling
OpenProcessToken(GetCurrentProcess,TOKEN_ALL_ACCESS,TokenHandle);
but when i use this token to run
CreateProcessAsUser(TokenHandle,.....)
my process is still running in session 0.
how can i resolve this issue?
I'm using an Ole automation so i don't really care on which session the process will be running on, as long it is not the session 0 - because the Ole from some reason doesn't create its processes (winword.exe for instance) in session 0, but rather it creates them in other user sessions.
Any suggestions will be welcome.
Thanks in advance.
I Have been able to resolve this issue myself, thanks for all of those who have looked at this question.
Ok, so as i mentioned above - the Token belongs to a process which is running in session 0...
so what i have done...is looked for a token of a process that is not running in session 0.
when you take it's process id as the parameter for OpenProcessToken.
than the CreateProcessAsUser will create the process in the same session (and probably with the same cridentals as the process you have chosen);
The problem was that i couldn't have get any details on most of the processes using the function: QueryFullProcessImageName - because it has a bug, and it doesn't work on proccesses that are created from a path that contains spaces (like C:\Program files for instance)
and another issue with that function i guess is that because i'm running the original process using a user cridentals i can't access the information of a process that is running using the Local-system account. which is pretty bad because i wanted to take the winlogon.exe as my process (because it indicate a new opened session).
also in order to succeeed in that trick, you must play a little bit with the security of the system, in order to allow the process to ask for elevated security:
what i have chosen to get elevated for is :
SeDebugPrivilege - for finding information on the running processes
SeAssignPrimaryTokenPrivilege - in order to run a new process with the token i extracted from the user session process(i.e explorer.exe)
SeCreateTokenPrivilege - i dont know if it is needed but i did it anyway because it sounds related.
in order to succeed in elevating this Privileges - you must add the user that run the process to the relevant users in all of this Privileges in run->gpedit.msc or run->secpol.msc (under Local Computer Policy\Computer Configuration\ Windows Settings\Security settings\ LocalPolicies\User Rights Assignments)
add your account to the following rights(compaitable with the Previleges above) :
Create a token object
Debug Programs
Replace a Process level token
and that is it! :)
it has been working Great!
Btw, you might want to disable all the UAC stuff...i dont know if it is related or not, but it has made the working with 2008 less painful - no more annoying popups.